In computing systems, a trusted execution environment (TEE) may be implemented as a secure enclave that runs inside a dedicated trusted computing base (TCB), wherein the secure enclave may receive and operate on sensitive information. Virtualized computing architectures may include one or more virtual machines that are managed by a virtual machine monitor (VMM, e.g., hypervisor). In a virtualized enclave-based computing system, both the VMM and the operating system (OS) of a given virtual machine (VM) may operate outside the trusted computing base of a particular enclave (although the VMM may run inside a different TCB from the TCB of the secure enclave). Accordingly, there may be a risk of malware using the VMM and OS components to create an enclave launch sequence that enables the malware to misrepresent the memory location of the enclave, capture and/or manipulate sensitive information delivered to the enclave, pass false information to other secure enclaves, and so forth.